Hi, I’m BobH, Finance Associate.
Violated the Office Policy
-
By falsifying and manipulating official records.
Caught by the Administration…
Installing a WiFi AP near the office…
-
That has same SSID and Credentials as office device.
If anyone Connect, I got Access..
Accessing Entire Network.
-
Even can control entire network.
Disclaimer
-
Educational Purpose only.
-
Please don’t use it anywhere.
Rogue AP attack
-
Falls under Social Engineering.
-
Actions may involve planting unauthorized device inside the secured network.
-
Devices such as switches, Routers, WiFi AP.
-
Like, BobH did anyone can do this attack with ease.
-
The device, He installed is called Rouge AP.
-
It is rarely Noticable. So, Normal people can’t realize even if they used for this attack.
-
In addition to that, Ther are many tools available for free.
-
Also, Some deploy ready equipments available online such as WiFi Pineapple
-
Evil-Twin Framework for RED TEAM
-
OpenSource
-
Written in python.
-
Used for WiFi Pentesting.
-
Able to to Packet sniffing (scapy), Packet injection, and Twin AP creation.
-
It is so popular, that Rogue AP attack often refered as Evil-Twin Attack.
Precaution & Safety
-
Follow regular Security update.
-
Say “no” to public Wi-Fi.
-
Encourage use of properly installed, configured and secured wireless LANs only.
-
Good think is some new device can tell apart Evil-Twins.
-
Snort 3 for BLUE TEAM.
-
Opensource Intrution Prevention Software.
-
uses a series of rules that help define malicious network activity and Stop those packets.
-
Capable of real-time traffic analysis and packet logging.